The "Trojan Source" vulnerability
The latest branded and trademarked vulnerability type is called "Trojan Source". By playing trickswith Unicode bidirectional support, an attacker can create malicious codethat appears to be benign to reviewers. "The attack is to usecontrol characters embedded in comments and strings to reorder source codecharacters in a way that changes its logic." Various releases,including Rust1.56.1,are being made to address this problem.